October Patch Bulletin
This month there are 61 unique CVE’s, 10 critical and 1 being exploited. Out of these we pay close attention to CVE-2019-1367 .
CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
For additional details, please find the information from Microsoft below:
| Technology | Products Affected | Severity | Reference | Workaround/Exploited/ Publicly Disclosed | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows 7, 8.1, 8.1 RT, 10 Server 2008/2008 R2 Sever 2012, 2012 R2 Server 2016 Server 2019 System Center Windows 10 Mobile Windows Defender | Critical | CVE-2019-1060 CVE-2019-1166 CVE-2019-1230 CVE-2019-1255 CVE-2019-1311 CVE-2019-1314 CVE-2019-1315 CVE-2019-1316 CVE-2019-1317 CVE-2019-1318 CVE-2019-1319 CVE-2019-1320 CVE-2019-1321 CVE-2019-1322 CVE-2019-1323 CVE-2019-1325 CVE-2019-1326 CVE-2019-1333 CVE-2019-1335 CVE-2019-1336 CVE-2019-1337 CVE-2019-1338 CVE-2019-1339 CVE-2019-1340 CVE-2019-1341 CVE-2019-1342 CVE-2019-1343 CVE-2019-1344 CVE-2019-1346 CVE-2019-1358 CVE-2019-1359 CVE-2019-1360 CVE-2019-1361 CVE-2019-1362 CVE-2019-1363 CVE-2019-1364 CVE-2019-1365 CVE-2019-1368 | Workaround: No Exploited: No Public: No | Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing Tampering |
| Edge | All | Critical | CVE-2019-0608 CVE-2019-1307 CVE-2019-1308 CVE-2019-1335 CVE-2019-1356 CVE-2019-1357 CVE-2019-1367 CVE-2019-1371 | Workaround: No Exploited: No Public: No | Information Disclosure Remote Code Execution Spoofing |
| Internet Explorer | IE 9,10,11 | Critical | CVE-2019-1133 CVE-2019-1192 CVE-2019-1193 CVE-2019-1194 | Workaround: No Exploited: Yes Public: No | Remote Code Execution Spoofing |
| Office, Office Services, Office Web Apps | Office 365 ProPlus SharePoint 2010, 2013, 2016, 2019 Office 2010, 2013, 2016, 2019, Online Server Excel 2010, 2013, 2016, Excel Services 2016 for Mac, 2019 for Mac | Important | CVE-2019-1070 CVE-2019-1327 CVE-2019-1328 CVE-2019-1329 CVE-2019-1330 CVE-2019-1331 | Workaround: No Exploited: No Public: No | Elevation of Privilege Remote Code Execution Spoofing |
| Azure | Azure App Service on Azure Stack | Critical | CVE-2019-1372 | Workaround: No Exploited: No Public: No | Remote Code Execution |
| ChakraCore | ChakraCore | Critical | CVE-2019-1307 CVE-2019-1308 CVE-2019-1335 CVE-2019-1366 | Workaround: No Exploited: No Public: No | Remote Code Execution |
| Open Enclave SDK | Open Enclave SDK | Important | CVE-2019-1369 | Workaround: No Exploited: No Public: No | Information Disclosure |
| SQL Server Management Studio | 18.3, 18.3.1 | Important | CVE-2019-1313 CVE-2019-1376 | Workaround: No Exploited: No Public: No | Information Disclosure |
| Dynamics 365 On-Prem | 9.0 | Important | CVE-2019-1375 | Workaround: No Exploited: No Public: No | Spoofing |
In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.